Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c3-d0akOOqTM80v6yQLTdFEP9L4.roa
File: c3-d0akOOqTM80v6yQLTdFEP9L4.roa (raw, json)
Hash identifier: UJfxr53mUUqb2bIDIwGHQaA8+D+/FbolsgDJqfFOi6E=
Subject key identifier: 73:7F:9D:D1:A9:0E:3A:A4:CC:F3:4B:FA:C9:02:D3:74:51:0F:F4:BE
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0188008D2376D3E1214A5CCDC5BA10418E02
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c3-d0akOOqTM80v6yQLTdFEP9L4.roa
Signing time: Tue 09 May 2023 12:47:09 +0000
ROA not before: Tue 09 May 2023 12:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.212.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
185.226.180.0/24 maxlen: 24
45.155.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:8d:23:76:d3:e1:21:4a:5c:cd:c5:ba:10:41:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 9 12:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=737f9dd1a90e3aa4ccf34bfac902d374510ff4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:94:44:10:f9:ad:b6:7a:ec:07:8c:c9:de:
c2:f1:88:db:ca:70:64:4d:eb:13:c3:06:54:bd:29:
60:0e:b2:8c:17:95:df:a2:b7:c8:fa:a6:fb:85:cf:
99:bb:95:5f:fb:f8:52:35:aa:a7:ca:83:f8:a7:f0:
6f:4b:10:9d:c4:7b:41:3e:48:3d:93:66:56:b9:dc:
16:72:1a:fe:ff:76:9a:47:46:7e:1d:93:37:ec:72:
5e:0a:b9:6f:8a:8f:54:9e:25:3c:6d:cc:27:6a:62:
ae:34:be:8a:4c:22:b4:6a:11:fc:1e:59:4a:c4:5c:
59:f4:8f:d8:c6:be:0d:ef:50:5f:df:91:80:a7:e4:
df:aa:af:11:e2:91:de:74:d4:93:af:d6:f5:14:67:
48:79:5a:a1:25:36:67:6f:f2:9f:e1:08:a6:dd:cb:
c1:39:52:9f:bb:74:62:28:67:48:cb:24:a7:43:d2:
6a:0b:ad:10:22:3f:db:5b:5c:af:1f:80:b3:11:f8:
7e:2e:f3:0c:83:d3:38:d6:84:07:52:f5:8d:81:8d:
91:23:a2:05:c4:39:8e:02:08:5d:a4:f2:46:d0:c2:
43:7b:de:7a:c1:55:59:75:d7:f0:23:71:53:44:9d:
bf:88:4e:90:d3:d0:ce:47:e2:00:a0:b8:04:87:66:
7e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7F:9D:D1:A9:0E:3A:A4:CC:F3:4B:FA:C9:02:D3:74:51:0F:F4:BE
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c3-d0akOOqTM80v6yQLTdFEP9L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0-45.155.254.255
79.98.246.0/23
185.199.148.0/23
185.199.212.0/24
185.225.170.0/23
185.226.180.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b3:66:51:fc:d6:fd:25:ba:30:f8:b2:f4:74:fe:88:c2:6c:
1b:0d:d0:8a:f8:51:9e:f0:be:52:c6:8c:b9:4e:7a:0a:3b:46:
af:ac:2b:d1:95:a0:60:99:d2:ac:c2:cf:98:ba:90:4a:b8:a0:
25:52:22:85:9b:76:f3:a2:d6:04:99:be:31:10:f9:e5:71:63:
7b:99:02:12:27:bd:5d:da:67:6e:9d:09:c5:41:ce:53:dc:8a:
a9:2d:19:ae:d0:b7:f0:8c:64:d7:a7:0e:43:9b:7e:4f:6b:52:
4c:46:77:6a:1b:f9:6b:3b:e1:9e:55:cb:0c:c4:be:87:84:b9:
df:b8:dc:8c:8d:a0:04:9a:c6:50:76:3b:69:89:87:f5:7f:ac:
bd:c2:38:56:b7:6c:aa:19:04:0f:31:81:2a:44:62:b1:37:48:
8a:91:40:78:c3:88:7c:fd:84:4d:82:27:c4:20:6c:54:b0:53:
95:73:99:a3:d9:20:9b:5a:86:f1:17:0b:35:eb:c2:f0:11:c7:
b7:e4:9d:09:8a:dd:97:ef:e8:31:11:68:d2:ed:1e:d2:5b:33:
7d:73:88:2c:27:80:06:6f:78:9e:a8:c5:6a:2c:f6:0d:a5:83:
e2:0a:a1:67:dd:2b:d7:de:fc:c9:9c:61:de:2a:21:42:b2:8d:
53:be:8a:5f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYgAjSN20+EhSlzNxboQQY4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTA5MTI0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdmOWRkMWE5MGUzYWE0Y2NmMzRiZmFjOTAyZDM3NDUxMGZmNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAGURBD5rbZ67AeMyd7C8YjbynBk
TesTwwZUvSlgDrKMF5XforfI+qb7hc+Zu5Vf+/hSNaqnyoP4p/BvSxCdxHtBPkg9
k2ZWudwWchr+/3aaR0Z+HZM37HJeCrlvio9UniU8bcwnamKuNL6KTCK0ahH8HllK
xFxZ9I/Yxr4N71Bf35GAp+Tfqq8R4pHedNSTr9b1FGdIeVqhJTZnb/Kf4Qim3cvB
OVKfu3RiKGdIyySnQ9JqC60QIj/bW1yvH4CzEfh+LvMMg9M41oQHUvWNgY2RI6IF
xDmOAghdpPJG0MJDe956wVVZddfwI3FTRJ2/iE6Q09DOR+IAoLgEh2Z+lwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHN/ndGpDjqkzPNL+skC03RRD/S+MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYzMtZDBha09PcVRNODB2NnlRTFRkRkVQOUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAItm/wD
BAAtm/4DBAFPYvYDBAG5x5QDBAC5x9QDBAG54aoDBAC54rQDBADCklwwDQYJKoZI
hvcNAQELBQADggEBAEOzZlH81v0lujD4svR0/ojCbBsN0Ir4UZ7wvlLGjLlOego7
Rq+sK9GVoGCZ0qzCz5i6kEq4oCVSIoWbdvOi1gSZvjEQ+eVxY3uZAhInvV3aZ26d
CcVBzlPciqktGa7Qt/CMZNenDkObfk9rUkxGd2ob+Ws74Z5VywzEvoeEud+43IyN
oASaxlB2O2mJh/V/rL3COFa3bKoZBA8xgSpEYrE3SIqRQHjDiHz9hE2CJ8QgbFSw
U5VzmaPZIJtahvEXCzXrwvARx7fknQmK3Zfv6DERaNLtHtJbM31ziCwngAZveJ6o
xWos9g2lg+IKoWfdK9fe/MmcYd4qIUKyjVO+il8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-fra.rpki-client.org